Cinemagia Mobile 3.9.3 (iOS / App Store)

This application is available for iOS. This app is designed to enrich media activities to bring features such as discovering Romanian cinemas and TV and buying movie tickets for other shows via your mobile phone. The latest build was released on Sep 06, 2016. Our latest check was performed on Mar 26th, 2017

Findings Summary

Our examination revealed total 21 items, where were 3 DAR items and 18 DIT items found. Among DAR items were found 0 worst items, 2 bad items, 1 good item, and 0 best items. Among DIT items were found 3 worst items, 15 bad items, 0 good items, and 0 best items.

Below you find 3 infographics summarizing what we described above. Each image provides information about both DAR and DIT items.

Protection levels.

Locally stored data (Data-at-Rest, DAR).

Locally stored data groups include Media Information, Social Information.The average DAR value is 4.50 points (7.00 points of system protection and 2.00 points of own protection). It is higher than a typical value (3.5 points, where’s 7 points of system protection and 0 points of own protection).

Items’ GROUP #1 with average value 6.50 points (7 points of system protection, 6 points of own protection) means data protection levels have following definitions. Frankly talking, protection and privacy issues are still possible but might involve interaction with an app code where system protection level means – root/jailbreak is required but not possible without wiping device data, and own protection level means – data is not available in backups.

Items’ GROUP #2 with average value 3.50 points (7 points of system protection, 0 points of own protection) means data protection levels have following definitions. Frankly talking, extra data found that shouldn’t be accessed where system protection level means – root/jailbreak is required but not possible without wiping device data, and own protection level means – stored as is.

– Credentials (IDs) (‘Social Information’ Group) – Only account IDs like app or 3rd party user IDs including emails, phone number, usernames, etc. (depends on apps). This data item related to mentioned group meant to be info grabbed from 3rd party social networks,

– Credentials (Tokens) (‘Social Information’ Group) – Different tokens used to get access to your account, except for passwords but including app or 3rd party tokens, secret keys, etc. (usually give full access to your account). This data item related to mentioned group meant to be info grabbed from 3rd party social networks

Also, keep in mind, using jailbroken device means the system protection level is 0 points and you’re using out-of-date iOS < 8.3 the system protection level is 2 points. If some data marked as shareable via iTunes, then the system protection level is 4 points.

Transferred data (Data-in-Transit, DIT).

Transferred data groups include Location ‘n’ Maps Information, Booking ‘n’ Purchases Information, Device Information, Social Information, Credentials Information, Account Information, Payment ‘n’ Transaction Information.The average DIT value is 3.75 points (4.17 points of system protection and 3.33 points of own protection). It is less than a typical value (4 points, where’s 4 points of system protection and 4 points of own protection).

Items’ GROUP #1 with average value 4.50 points (5 points of system protection, 4 points of own protection) means data protection levels have following definitions. Frankly talking, data available if it’s allowed only and may require user action where system protection level means – some techniques are available to developers to keep connection bypassing system settings, like proxy settings, etc., and own protection level means – bypassed by fake/stolen root certificates.

– GEO Data (‘Location ‘n’ Maps Information’ Group) – Any GEO info stored as plain text referred to the places or tracked activity. This data item related to mentioned group meant to be any geodata from trackers, social networks, GPS, etc.,

– Orders & Reservation Details (‘Booking ‘n’ Purchases Information’ Group) – Full info about orders, reservations, like ID, date and time, amount of payment, flight routes, hotel or another order details, rules, linked data. This data item related to mentioned group meant to be any info related to your booking and purchases like travel, app or another kind of purchases,

– Credentials (IDs) (‘Social Information’ Group) – Only account IDs like app or 3rd party user IDs including emails, phone number, usernames, etc. (depends on apps). This data item related to mentioned group meant to be info grabbed from 3rd party social networks,

– Credentials (Tokens) (‘Social Information’ Group) – Different tokens used to get access to your account, except for passwords but including app or 3rd party tokens, secret keys, etc. (usually give full access to your account). This data item related to mentioned group meant to be info grabbed from 3rd party social networks,

– Contact Short Profile (‘Social Information’ Group) – Name, Email ID, Phone number of contacts. This data item related to mentioned group meant to be info grabbed from 3rd party social networks,

– Account Data (‘Account Information’ Group) – Basic info about account like name, a list of sub-account (e.g. financial or other) and some linked data like a phone number. This data item related to mentioned group meant to be any info related to profiles, basic credential IDs like email or username or phone number plus some more info depends on applications,

– Credentials (Passwords) (‘Credentials Information’ Group) – Well-known passwords or PINs you’re using to get access to your account (usually it is worse than tokens because it gives full access to your account). This data item related to mentioned group meant to be any types of credentials including basic (IDs only), passwords, tokens, etc.,

– Card Full Information (‘Payment ‘n’ Transaction Information’ Group) – All details about card include short info, holder address, bank info and CVC, CVV, CVV2. This data item related to mentioned group meant to be details about transactions and payment data involved into transaction records,

– Orders & Reservation Details (‘Payment ‘n’ Transaction Information’ Group) – Full info about orders, reservations, like ID, date and time, amount of payment, flight routes, hotel or another order details, rules, linked data. This data item related to mentioned group meant to be details about transactions and payment data involved into transaction records,

– Credentials (Passwords) (‘Social Information’ Group) – Well-known passwords or PINs you’re using to get access to your account (usually it is worse than tokens because it gives full access to your account). This data item related to mentioned group meant to be info grabbed from 3rd party social networks,

– Buyer’s Data (‘Booking ‘n’ Purchases Information’ Group) – Some info about buyers, such as Name, phone number, and email. This data item related to mentioned group meant to be any info related to your booking and purchases like travel, app or another kind of purchases,

– Orders & Reservation History (‘Booking ‘n’ Purchases Information’ Group) – Basic info about orders, reservations, like ID, date and time, amount of payment, and place (depends on apps). This data item related to mentioned group meant to be any info related to your booking and purchases like travel, app or another kind of purchases

– Media Data (‘Social Information’ Group) – Any info like images, audios, videos, media notes, etc. This data item related to mentioned group meant to be info grabbed from 3rd party social networks,

– Media Data (‘Account Information’ Group) – Any info like images, audios, videos, media notes, etc. This data item related to mentioned group meant to be any info related to profiles, basic credential IDs like email or username or phone number plus some more info depends on applications

Keep in mind if you’re using out-of-date iOS < 9.0, the system level equals 2 points instead of 4. It means your data can be stolen without involving your actions.

Privacy Policy

You may find privacy policy details proceeding the link above to compare developer’s vision on data protection with our results.
This privacy policy published in Romanian, so we put below Google-Translated edition
Cinemagia – Terms and Conditions
Below are the terms and conditions of use of the site Cinemagia. For terms and conditions of use of the service purchase tickets, click here
General terms
Terms and conditions of use of the site http://www.cinemagia.ro (hereinafter “Terms and Conditions”) establishes the conditions under which any person may visit or access the website http://www.cinemagia.ro (hereinafter “Site “and / or” Movie “) or can be used in any way CineMagia service offered through the Site (hereinafter” service Movie “), and has a value of agreements concluded between iMedia Plus Group SA (Hereinafter “iMedia”), in its capacity as owner and administrator of the Site and the Provider Service Movie, and any person visiting or accessing the Site or who want to use in any manner or actually use the service CineMagia (hereinafter “User”). Not accepting these Terms and Conditions or any provision of these attract duty of that person to stop accessing the Site and access or visit further the Site, any page in it and / or use of the Service Movie and of any component thereof constitute a full and unconditional acceptance of the Terms and Conditions and any of its stipulations
Information note on the processing of personal data
By using the services offered by the site expreSSLy express consent for iMedia to process, store and transmit personal data provided by you carcater
According to Law no. 677/2001 on the protection of individuals with regard to the processing of personal cacracter and free movement of such data, amended and supplemented, and the Law. 506/2004 concerning the processing of personal data and privacy in communications sector computer aided manufacture, iMedia will manage safely and only for specified purposes personal data you provide about your purpose of data collection is: advertising, marketing and advertising and electronic communications services. Your refusal makes it impossible to benificia of services offered by iMedia. The information provided is intended for use by iMedia and are communicated only to the following recipients: iMedia contractual partners and other companies in the same group with iMedia
By registering on the site you will receive information about products, services, events etc. offered by iMedia and our business partners
According to Law no. 677/2001, have the right to access, right to the data, the right not to be subjected to an individual decision and the right to go to court. Also you have the right to oppose the processing of your personal data and request deletion. You agree that deleting your personal data will be followed by deleting your account in the system and the inability to apply to services and products offered by iMedia
To exercise these rights can make a request in writing that your requirement to send by mail to: Bucharest, Bd. Pierre de Coubertin no. 3-5, Office Building, 5th Floor, District 2
If some of your information is incorrect, please let us know as soon as possible
iMedia is registered as personal data operator no. 9762
Materials and information accessible through the Site
The content and graphic elements of the Site, including but not limited to, all text content and technical sources of all services and facilities present and future, unless it is expreSSLy mentioned another owner sources pages but any other material transmitted in any form and by the user (by direct visualization on site, newsletters etc.) belong iMedia and partners and represent the content of the site
Site content, regardless of where they are in the site and regardless of type, can be used exclusively for personal purposes. Any use of content by third parties for purposes other than personal, can be made only with written consent and express prior iMedia. Thus it is forbidden to copy, download, reproduce, publish, transfer, sale, distribution partial, full or modified content of this website or any part thereof for reasons other than personal, with the following exceptions:
is reproduced (non commercial websites, forums, newspaper articles, etc.) small excerpts from articles published (max. 2 paragraphs). Specify the source of information retrieved is mandatory following form: (Source: Movie – http://www.cinemagia.ro) allowed links to the site and specify the source of information will be made after every link or the end of the article as follows: ” information provided courtesy Movie “. iMedia reserves the right to sue any person and / or entity in any way violate the above provisions
Requests to use website content for any purpose other than personal can be made at: Bd. Pierre de Coubertin, no. 3-5, tower block, et. May sect. 2, Bucuresti, cod 021 901 specification “Attention editorial Movie, or by e-mail at contact@cinemagia.ro
Any person who sends in any way information or materials to the Site assume the obligation not to prejudice in any way the copyrights that a third party could invoke related material and information transmitted in any way to the site and people who ships in any way information or materials understand and accept that in any way breach this obligation can not engage in no way the responsibility of iMedia, but only the responsibility of those persons
Services cost: Buying tickets to cinemas
Users can benefit Cinemagia service surcharge on buying tickets at cinemas partner. For terms and conditions of this service, click here
limitation of liability
iMedia assumes no obligation and does not guarantee either express or implied, for the contents of the Site, the content supplied by its partners or users of the Site. iMedia will make all reasonable efforts to ensure the accuracy and confidence in and will try to correct errors and omissions as quickly as possible
However, iMedia is not responsible for inaccuracies, errors or omissions in the information provided by users. ExpreSSLy Site users agree to indemnify the iMedia any judicial or extrajudicial action that comes as a result of misuse or fraudulent use of the Site
To force majeure, iMedia and / or operators, directors, employees, subsidiaries, affiliates and its representatives is totally exonerated from responsibility. Cases of force majeure include, but are not limited to, errors in operating the technical equipment of iMedia, lack functioning internet connection, lack of functioning telephone connections, computer viruses, unauthorized access to systems Site, operation errors, strike, and so on
Users agree to protect and ensure the iMedia and / or operators, directors, employees, subsidiaries, affiliates and representatives harmless from and against any claims, demands, actions, charges, losses, damages, costs (including without any kind of limitation attorney’s fees), costs, judgments, decisions, fines, regulations or other obligations arising or related to any other action in connection with the User’s use of the service or any other aspect related Movie Movie Service
Modification of Terms and Conditions
iMedia has the right to modify in any way any provision of the Terms or terms and conditions in full, without any notice and without being obliged to meet any other formality Users. Any change is fully and unconditionally accepted by Site users by simply using or accessing any facility offered by site or service CineMagia or by accessing the Site, occurring any time after the operation change and not accept any changes attract obligation that User to stop accessing the Site and / or use the Service in any manner Movie
Applicable law. litigation
Rights and obligations of users of the Site and iMedia stipulated by Terms and Conditions and all legal effects they produce Terms and Conditions shall be construed and governed in accordance with Romanian law in force. Any dispute arising out of or relating to these Terms and Conditions shall be settled amicably. In case of impossibility to reach an agreement, the dispute will be settled by the competent Romanian court located within the area of Bucharest